The invention relates to usage rights for controlling the distribution and use of digital content, and more particularly to a method and an apparatus for managing usage rights to be associated with content.
The Internet is a worldwide network of computers linked together by various hardware communication links all running a standard suite of protocols known as TCP/IP (transmission control protocol/Internet protocol). The growth of the Internet over the last several years has been explosive, fueled in the most part by the widespread use of software tools (known as “browsers”) which allow both HTML (hypertext markup language) viewing and HTTP (hypertext transfer protocol) navigation. Browsers allow a simple GUI (graphical user interface) to be used to communicate over the Internet. Browsers generally reside on the computer used to access content on the Internet, i.e. the client computer. HTTP is a component on top of TCP/IP and provides users access to documents of various formats using the standard page description language known as HTML and more recently XML (extensible markup language) and XHTML (extensible hypertext markup language), a reformulation of HTML into XML. The collection of servers on the Internet using HTML/HTTP has become known as the “World Wide Web” or simply the “Web.”
Through HTML, XHTML, and interactive programming protocols, the author of content is able to make the content available to others by placing the content, in the form of a Web page, on an Internet Web server. The network path to the server is identified by a URL (Uniform Resource Locator) and, generally, any client running a Web browser can access the Web server by using the URL. A client computer running a browser can request a display of a Web page stored on a Web server by issuing a URL request through the Internet to the Web in a known manner.
Since the Web utilizes standard protocols and a standard rendering engine, i.e. the rendering engine of the browser, the Web has become ubiquitous. One of the primary applications of the Web has been distribution of content in the form of documents. A “document”, as the term is used herein, is any unit of information subject to distribution or transfer, including but not limited to correspondence, books, magazines, journals, newspapers, other papers, software, photographs and other images, audio and video clips, and other multimedia presentations. A document may be embodied in printed form on paper, as digital data on a storage medium, or in any other known manner on a variety of media.
However, one of the most important issues impeding the widespread distribution of digital documents, i.e. documents in forms readable by computers, via electronic means, and the Internet in particular, is the current lack of protection of the intellectual property rights of content owners during the distribution and use of those digital documents. Efforts to resolve this problem have been termed “Intellectual Property Rights Management” (“IPRM”), “Digital Property Rights Management” (“DPRM”), “Intellectual Property Management” (“IPM”), “Rights Management” (“RM”), and “Electronic Copyright Management” (“ECM”), collectively referred to as “Digital rights management (DRM)” herein.
In the world of printed documents, a work created by an author is usually provided to a publisher, which formats and prints numerous copies of the work. The copies are then sent by a distributor to bookstores or other retail outlets, from which the copies are purchased by end users. While the low quality of copying and the high cost of distributing printed material have served as deterrents to unauthorized copying of most printed documents, it is far too easy to copy, modify, and redistribute unprotected digital documents. Accordingly, some method of protecting digital documents is necessary to make it more difficult to copy and distribute them without authorization.
Unfortunately, it has been widely recognized that it is difficult to prevent, or even deter people from making unauthorized distributions of electronic documents within current general-purpose computing and communications systems such as personal computers, workstations, and other devices connected over communications networks, such as local area networks (LANs), intranets, and the Internet. Many attempts to provide hardware-based solutions to prevent unauthorized copying have proven to be unsuccessful. The proliferation of “broadband” communications technologies will render it even more convenient to distribute large documents electronically, including video files such as full length motion pictures, and thus will remove any remaining deterrents to unauthorized distribution of documents. Accordingly, DRM technologies are becoming very useful.
Two basic schemes have been employed to attempt to solve the document protection problem: secure containers and trusted systems. A “secure container” (or simply an encrypted document) offers a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored (e.g., payment for use). After the various conditions and terms are verified with the document provider, the document is released to the user in clear form. Commercial products such as Cryptolopes by IBM™ and by InterTrust's ™ Digiboxes fall into this category. Clearly, the secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing it in violation of content owners's intellectual property.
Cryptographic mechanisms are typically used to encrypt (or “encipher”) documents that are then distributed and stored publicly, and ultimately privately deciphered, i.e. unencrypted, by authorized users. This provides a basic form of protection during document delivery from a document distributor to an authorized user over a public network, as well as during document storage on an insecure medium.
In the “trusted system” approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is still a real challenge to existing technologies, current market trends suggest that open and untrusted systems such as PC's and workstations using browsers to access the Web, will be the dominant systems used to access copyrighted documents. In this sense, existing computing environments such as PC's and workstations equipped with popular operating systems (e.g., Windows™, Linux™, and UNIX) and rendering applications such as browsers are not trusted systems and cannot be made trusted without significantly altering their architectures. Of course, alteration of the architecture defeats a primary purpose of the Web, i.e. flexibility and compatibility.
U.S. Pat. No. 5,715,403, the disclosure of which is incorporated herein by reference, discloses a system for controlling the distribution of digital documents. Each rendering device has a repository associated therewith. Usage rights labels are associated with digital content. The labels include usage rights that specify a manner of use of the content and any conditions precedent for exercising the manner of use. U.S. Pat. No. 5,052,040 discloses the use of a label prefixed to digital files so that different users can have specific encryption capability and rights with respect to the same file.
The proliferation of the Web, and its usefulness in document distribution, makes it desirable to apply DRM features to many documents in various systems. However, there are no universally accepted formats or mechanisms for creating usage rights, associating usage rights with content, or generally managing usage rights. Accordingly, applications form various vendors are not compatible with usage rights associated with various documents in a consistent manner.